CN104023023A - IOT security risk distributed evaluation method - Google Patents
IOT security risk distributed evaluation method Download PDFInfo
- Publication number
- CN104023023A CN104023023A CN201410265228.3A CN201410265228A CN104023023A CN 104023023 A CN104023023 A CN 104023023A CN 201410265228 A CN201410265228 A CN 201410265228A CN 104023023 A CN104023023 A CN 104023023A
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- security threat
- local
- detector
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Computer And Data Communications (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides an IOT (Internet of Things) security risk distributed evaluation method. According to the method, an IOT gateway, a computer network, a local IOT security threat detection module, a local IOT security risk calculation module, an IOT integral security risk calculation module, an IOT security threat feature library, an IOT security threat perniciousness library and an IOT asset value library are used. The IOT security risk distributed evaluation method comprises the following steps that: the local IOT security threat is detected; a local IOT security thread detector is subjected to attenuation; the local IOT security risk is calculated; and the IOT integral security risk is calculated. The method has the advantages that a distributed IOT security threat detection and local security risk calculation method is adopted; in addition, the dynamic change of the IOT security threat is tracked, and meanwhile, the IOT security threat perniciousness and the IOT asset value are combined for quantificationally calculating the IOT faced security risk value; the large-scale IOT security data can be effectively analyzed; and in addition, the IOT security risk can be quantificationally calculated.
Description
Technical field
The invention belongs to field of information security technology, be specifically related to the distributed appraisal procedure technology of a kind of Internet of Things security risk.
Background technology
Internet of Things security risk assessment is the important technology of Internet of Things efficient public security system, its assessment result be formulate initiatively, the important evidence of positive Internet of Things Prevention-Security strategy, the general safety situation that it holds Internet of Things for Internet of Things safety manager is significant.Internet of Things sensing node is due to dispersed reason, the data volume producing is huge, and traditional security risk assessment mainly adopts data centralization assessment technology and qualitative evaluation technology, be difficult to effectively process large-scale Internet of Things secure data, reduce the accuracy of Internet of Things security risk assessment, also directly had influence on studying and judging Internet of Things security situation.
Application number is that 201310055041.6 Chinese invention patent discloses a kind of Information Security Risk Assessment Methods based on fault tree, in the method, adopting FTA to realize system risk to the network equipment calculates, and adopt non-intersect minimum cut sets to carry out risk qualitative analysis and top event probability analysis, carry out fast the location of system weakest link and calculate its probability of happening, carry out system safety deciding grade and level by the method, and propose corresponding measures to rectify and reform.But the method is not according to the condition evaluation security risk of actual security threat, and just security risk is carried out to qualitative and probability analysis, can not quantitative evaluation Information Security Risk, with certain subjectivity and one-sidedness, be difficult to be applied in Internet of Things security risk assessment.
Summary of the invention
The technical problem to be solved in the present invention is to provide a kind of Internet of Things security risk distributed appraisal procedure, and this appraisal procedure has solved problems of the prior art.
In order to solve the problems of the technologies described above, the present invention realizes in the following manner:
The distributed appraisal procedure of a kind of Internet of Things security risk, comprises things-internet gateway, computer network,
Local Internet of Things security threat detection module, the Internet of Things security threat facing for detection of local Internet of Things;
Local Internet of Things security risk computing module, the security risk value facing for calculating local Internet of Things;
Internet of Things general safety Risk Calculation module, the general safety value-at-risk facing for calculating Internet of Things;
Internet of Things security threat feature database, for storing the characteristic information of Internet of Things security threat;
Internet of Things security threat harmfulness storehouse, for storing the harmfulness value of Internet of Things security threat;
Internet of Things assets value storehouse, for storing the value of Internet of Things assets;
Described things-internet gateway is multiple, respectively with local Internet of Things security threat detection module and the communication connection of local Internet of Things security risk computing module, things-internet gateway is connected by communication protocol with computer network, and described computer network is communicated by letter and is connected with Internet of Things assets value storehouse with Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse.
The described distributed appraisal procedure of a kind of Internet of Things security risk, comprises the following steps:
S1: detect local Internet of Things security threat;
S2: local Internet of Things security threat detector is decayed;
S3: calculate local Internet of Things security risk;
S4: calculate Internet of Things general safety risk.
Compared with prior art, the beneficial effect that the present invention has: the technical problem existing for prior art, the present invention proposes the distributed appraisal procedure of a kind of Internet of Things security risk, the method adopts distributed Internet of Things security threat to detect and local Risk Calculation method, and follow the tracks of the dynamic change of Internet of Things security threat, the bond networking harmfulness of security threat and the value of Internet of Things assets simultaneously, calculate quantitatively the security risk value that Internet of Things faces, can effectively analyze large-scale Internet of Things secure data, and calculate quantitatively Internet of Things security risk, can be used for Internet of Things safety monitoring, security audit, the systems such as security strategy deployment, have broad application prospects.
Brief description of the drawings
Fig. 1 is fundamental diagram of the present invention;
Fig. 2 is the flow chart that local Internet of Things security threat detects;
Fig. 3 is the flow chart of local Internet of Things security threat detector decay;
Fig. 4 is the flow chart that local Internet of Things security risk is calculated;
Fig. 5 is the flow chart of Internet of Things general safety Risk Calculation.
Embodiment
Below in conjunction with the drawings and specific embodiments, the specific embodiment of the present invention is described in further detail.
As shown in Figure 1, the distributed appraisal procedure of a kind of Internet of Things security risk, comprise things-internet gateway, computer network, local Internet of Things security threat detection module, local Internet of Things security risk computing module, Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse and Internet of Things assets value storehouse, described things-internet gateway is multiple, respectively with local Internet of Things security threat detection module and the communication connection of local Internet of Things security risk computing module, things-internet gateway is connected by communication protocol with computer network, described computer network and Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse is connected with the communication of Internet of Things assets value storehouse.
The data of described Internet of Things security threat feature database TL are that Internet of Things security threat data set is collected, it is by threatening numbering, threatening title and threat characteristics information to form, structure is: TL={<tID, tName, Signature}, wherein, tID is for threatening numbering, tName is for threatening title, and Signature is threat characteristics information.
The data of described Internet of Things security threat harmfulness storehouse HL are by Internet of Things security expert and engineers and technicians' assessment, it is made up of harmfulness numbering, threat numbering and harmfulness value, structure is: HL={<sID, tID, h}, wherein, sID is harmfulness numbering, tID is the corresponding numbering that threatens, and h is harmfulness value.
The data of described Internet of Things assets value storehouse AL are assessed by Internet of Things administrative staff, it is made up of asset number, assets title and assets value, its structure is: AL={<aID, aName, v}, wherein, aID is asset number, aName is assets title, and v is assets value.
Fig. 2 is the flow chart that local Internet of Things security threat detects; Fig. 3 is the flow chart of local Internet of Things security threat detector decay; Fig. 4 is the flow chart that local Internet of Things security risk is calculated; Fig. 5 is the flow chart of Internet of Things general safety Risk Calculation, as shown in the figure, the invention provides the distributed appraisal procedure of a kind of Internet of Things security risk, comprises the following steps:
S1: detect local Internet of Things security threat; Specifically comprise the following steps:
S11: read Internet of Things security threat feature database: download the characteristic information of Internet of Things security threat from Internet of Things security threat feature database, and build local Internet of Things security threat property detector data set, comprise the following steps:
S111: build local Internet of Things security threat detector data collection: the initial data set T={<tID that sets up local Internet of Things security threat detector, signature, count, time>}, wherein, the numbering that tID is detector, signature is the characteristic information of the security threat that detector is corresponding, count is the quantity that detector detects security threat, and time is the time that detector detects security threat;
S112: download Internet of Things security threat characteristic information: connect long-range Internet of Things security threat feature database, download security threat characteristic information;
S113: the local Internet of Things security threat of initialization detector data collection: according to i the Internet of Things security threat characteristic information of downloading, concentrate and set up i detector t in local Internet of Things security threat detector data
i, wherein, t
i.tID assignment is the numbering of corresponding security threat feature, t
i.signature assignment is the characteristic information of corresponding security threat, t
i.count assignment is 0;
S12: obtain Internet of Things data from things-internet gateway: access things-internet gateway, catches connected network communication data from things-internet gateway;
S13: extract Internet of Things data characteristics: according to the Internet of Things communication data formation networking data feature of catching, comprise the following steps:
S131: obtain Internet of Things communication data header packet information;
S132: obtain the critical field in header packet information;
S133: formation networking data feature: the critical field of obtaining is encapsulated to formation networking data feature;
S14: judge whether the step that security threat feature is mated with Internet of Things data characteristics: the feature of Internet of Things security threat detector is mated with Internet of Things data characteristics, comprise the following steps:
S141: feature and the Internet of Things data characteristics of comparative networking security threat detector: use t
i.signature compare with Internet of Things data characteristics;
S142: judge next step operation: if do not have security threat feature to mate with Internet of Things data characteristics, finish local Internet of Things security threat and detect;
S15: upgrade security threat detector: the information to the detector that Internet of Things security threat detected is upgraded, and comprises the following steps:
S151: the count territory of the cumulative detector that security threat detected: by t
i.count add 1;
S152: record detects the time of security threat: by t
i.time be set to detect the time of security threat.
S2: local Internet of Things security threat detector is decayed; Specifically comprise the following steps:
S21: read local Internet of Things security threat detector;
S22: judge and security threat whether detected in time T, comprise the following steps:
S221: calculate current time and t
i.count difference between territory: by current time and t
i.count the difference between territory is assigned to T
span;
S222: judge T
spanwhether be less than T;
S223: judge next step operation: if T
span<T, finishes local Internet of Things security threat detector decay;
S23: judge that whether detector has decayed, and comprises the following steps:
S231: judge t
i.count whether territory equals 0;
S232: judge next step operation: if t
i.count=0, finish local Internet of Things security threat detector decay;
S24: upgrade security threat detector, comprise the following steps:
S241: the count territory of the detector that security threat do not detected of successively decreasing: by t
i.count subtract 1;
S242: upgrade the time that security threat detected: by t
i.time be set to current time.
S3: calculate local Internet of Things security risk; Specifically comprise the following steps:
S31: read Internet of Things security threat detector: concentrate the information of reading in all detectors from Internet of Things security threat detector data;
S32: read Internet of Things security threat harmfulness storehouse: the harmfulness value of reading in all security threats from Internet of Things security threat harmfulness storehouse;
S33: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S34: traversal Internet of Things security threat detector: scan one by one Internet of Things security threat detector t
i;
S35: calculate the value-at-risk that current threat detection device produces: count territory, threat harmfulness and the local Internet of Things assets value of calculating current threat detection device are long-pending, is the corresponding value-at-risk R producing that threatens of current threat detection device
j_i, be also R
j_i=t
i.count × h
i× v
j, wherein, h
ifor the harmfulness value of security threat corresponding to current threat detection device, v
jfor the value of the property networking assets under current things-internet gateway;
S36: judge that whether traversal finishes, and comprises the following steps:
S361: judge whether it is last detector: judge whether i is greater than m, wherein, m is the total quantity of security threat detector;
S362: judge next step operation: if i<m, execution step S34;
S37: calculate local Internet of Things security risk value: calculate the corresponding value-at-risk sum producing that threatens of all local threat detection devices, its assignment is given to the security risk value R of local Internet of Things
j,
S4: calculate Internet of Things general safety risk; Comprise the following steps:
S41: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S42: travel through local Internet of Things security risk value: scanning of home Internet of Things security risk value R one by one
j;
S43: calculate the influence value that current local Internet of Things security risk causes Internet of Things general safety risk: calculate the amassing of assets value weight under current local Internet of Things security risk and current local things-internet gateway, be the influence value R that current local Internet of Things security risk causes Internet of Things general safety risk
j_imp, be also
wherein, the total quantity that n is things-internet gateway;
S44: judge that whether traversal finishes, and comprises the following steps:
S441: judge whether it is last local Internet of Things security risk: judge whether j is greater than n;
S442: judge next step operation: if j<n, execution step S42;
S45: calculate Internet of Things general safety value-at-risk: calculate the influence value sum that all local Internet of Things security risks cause Internet of Things general safety risk, by its assignment to Internet of Things general safety value-at-risk R,
The above is only embodiments of the present invention; statement again, for those skilled in the art, under the premise without departing from the principles of the invention; can also carry out some improvement to the present invention, these improvement are also listed in the protection range of the claims in the present invention.
Claims (6)
1. the distributed appraisal procedure of Internet of Things security risk, is characterized in that: comprise things-internet gateway, and computer network,
Local Internet of Things security threat detection module, the Internet of Things security threat facing for detection of local Internet of Things;
Local Internet of Things security risk computing module, the security risk value facing for calculating local Internet of Things;
Internet of Things general safety Risk Calculation module, the general safety value-at-risk facing for calculating Internet of Things;
Internet of Things security threat feature database, for storing the characteristic information of Internet of Things security threat;
Internet of Things security threat harmfulness storehouse, for storing the harmfulness value of Internet of Things security threat;
Internet of Things assets value storehouse, for storing the value of Internet of Things assets;
Described things-internet gateway is multiple, respectively with local Internet of Things security threat detection module and the communication connection of local Internet of Things security risk computing module, things-internet gateway is connected by communication protocol with computer network, and described computer network is communicated by letter and is connected with Internet of Things assets value storehouse with Internet of Things general safety Risk Calculation module, Internet of Things security threat feature database, Internet of Things security threat harmfulness storehouse.
2. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 1, is characterized in that: comprise the following steps:
S1: detect local Internet of Things security threat;
S2: local Internet of Things security threat detector is decayed;
S3: calculate local Internet of Things security risk;
S4: calculate Internet of Things general safety risk.
3. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S1 detects local Internet of Things security threat; Specifically comprise the following steps:
S11: read Internet of Things security threat feature database: download the characteristic information of Internet of Things security threat from Internet of Things security threat feature database, and build local Internet of Things security threat property detector data set, comprise the following steps:
S111: build local Internet of Things security threat detector data collection: the initial data set T={<tID that sets up local Internet of Things security threat detector, signature, count, time>}, wherein, the numbering that tID is detector, signature is the characteristic information of the security threat that detector is corresponding, count is the quantity that detector detects security threat, and time is the time that detector detects security threat;
S112: download Internet of Things security threat characteristic information: connect long-range Internet of Things security threat feature database, download security threat characteristic information;
S113: the local Internet of Things security threat of initialization detector data collection: according to i the Internet of Things security threat characteristic information of downloading, concentrate and set up i detector t in local Internet of Things security threat detector data
i, wherein, t
i.tID assignment is the numbering of corresponding security threat feature, t
i.signature assignment is the characteristic information of corresponding security threat, t
i.count assignment is 0;
S12: obtain Internet of Things data from things-internet gateway: access things-internet gateway, catches connected network communication data from things-internet gateway;
S13: extract Internet of Things data characteristics: according to the Internet of Things communication data formation networking data feature of catching, comprise the following steps:
S131: obtain Internet of Things communication data header packet information;
S132: obtain the critical field in header packet information;
S133: formation networking data feature: the critical field of obtaining is encapsulated to formation networking data feature;
S14: judge whether the step that security threat feature is mated with Internet of Things data characteristics: the feature of Internet of Things security threat detector is mated with Internet of Things data characteristics, comprise the following steps:
S141: feature and the Internet of Things data characteristics of comparative networking security threat detector: use t
i.signature compare with Internet of Things data characteristics;
S142: judge next step operation: if do not have security threat feature to mate with Internet of Things data characteristics, finish local Internet of Things security threat and detect;
S15: upgrade security threat detector: the information to the detector that Internet of Things security threat detected is upgraded, and comprises the following steps:
S151: the count territory of the cumulative detector that security threat detected: by t
i.count add 1;
S152: record detects the time of security threat: by t
i.time be set to detect the time of security threat.
4. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S2 decays to local Internet of Things security threat detector; Specifically comprise the following steps:
S21: read local Internet of Things security threat detector;
S22: judge and security threat whether detected in time T, comprise the following steps:
S221: calculate current time and t
i.count difference between territory: by current time and t
i.count the difference between territory is assigned to T
span;
S222: judge T
spanwhether be less than T;
S223: judge next step operation: if T
span<T, finishes local Internet of Things security threat detector decay;
S23: judge that whether detector has decayed, and comprises the following steps:
S231: judge t
i.count whether territory equals 0;
S232: judge next step operation: if t
i.count=0, finish local Internet of Things security threat detector decay;
S24: upgrade security threat detector, comprise the following steps:
S241: the count territory of the detector that security threat do not detected of successively decreasing: by t
i.count subtract 1;
S242: upgrade the time that security threat detected: by t
i.time be set to current time.
5. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S3 calculates local Internet of Things security risk; Specifically comprise the following steps:
S31: read Internet of Things security threat detector: concentrate the information of reading in all detectors from Internet of Things security threat detector data;
S32: read Internet of Things security threat harmfulness storehouse: the harmfulness value of reading in all security threats from Internet of Things security threat harmfulness storehouse;
S33: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S34: traversal Internet of Things security threat detector: scan one by one Internet of Things security threat detector t
i;
S35: calculate the value-at-risk that current threat detection device produces: count territory, threat harmfulness and the local Internet of Things assets value of calculating current threat detection device are long-pending, is the corresponding value-at-risk R producing that threatens of current threat detection device
j_i, be also R
j_i=t
i.count × h
i× v
j, wherein, h
ifor the harmfulness value of security threat corresponding to current threat detection device, v
jfor the value of the property networking assets under current things-internet gateway;
S36: judge that whether traversal finishes, and comprises the following steps:
S361: judge whether it is last detector: judge whether i is greater than m, wherein, m is the total quantity of security threat detector;
S362: judge next step operation: if i<m, execution step S34;
S37: calculate local Internet of Things security risk value: calculate the corresponding value-at-risk sum producing that threatens of all local threat detection devices, its assignment is given to the security risk value R of local Internet of Things
j,
6. the distributed appraisal procedure of a kind of Internet of Things security risk according to claim 2, is characterized in that: described S4 calculates Internet of Things general safety risk; Comprise the following steps:
S41: read Internet of Things assets value storehouse: the value of reading in property networking assets from Internet of Things assets value storehouse;
S42: travel through local Internet of Things security risk value: scanning of home Internet of Things security risk value R one by one
j;
S43: calculate the influence value that current local Internet of Things security risk causes Internet of Things general safety risk: calculate the amassing of assets value weight under current local Internet of Things security risk and current local things-internet gateway, be the influence value R that current local Internet of Things security risk causes Internet of Things general safety risk
j_imp, be also
wherein, the total quantity that n is things-internet gateway;
S44: judge that whether traversal finishes, and comprises the following steps:
S441: judge whether it is last local Internet of Things security risk: judge whether j is greater than n;
S442: judge next step operation: if j<n, execution step S42;
S45: calculate Internet of Things general safety value-at-risk: calculate the influence value sum that all local Internet of Things security risks cause Internet of Things general safety risk, by its assignment to Internet of Things general safety value-at-risk R,
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410265228.3A CN104023023B (en) | 2014-06-13 | 2014-06-13 | IOT security risk distributed evaluation method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410265228.3A CN104023023B (en) | 2014-06-13 | 2014-06-13 | IOT security risk distributed evaluation method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104023023A true CN104023023A (en) | 2014-09-03 |
CN104023023B CN104023023B (en) | 2017-02-15 |
Family
ID=51439593
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410265228.3A Expired - Fee Related CN104023023B (en) | 2014-06-13 | 2014-06-13 | IOT security risk distributed evaluation method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104023023B (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106789946A (en) * | 2016-11-30 | 2017-05-31 | 平顶山学院 | A kind of Internet of Things security evaluation method |
CN108650157A (en) * | 2018-05-18 | 2018-10-12 | 深圳源广安智能科技有限公司 | A kind of intelligent domestic system |
CN108810033A (en) * | 2018-07-25 | 2018-11-13 | 安徽三实信息技术服务有限公司 | A kind of Internet of Things safety control system and control method |
CN117811839A (en) * | 2024-02-29 | 2024-04-02 | 北京双湃智安科技有限公司 | Network security monitoring device and method for monitoring Internet of things equipment |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040015728A1 (en) * | 2002-01-15 | 2004-01-22 | Cole David M. | System and method for network vulnerability detection and reporting |
CN102404324A (en) * | 2011-11-23 | 2012-04-04 | 郭正韦华 | System for sensing safety of node data of Internet of things |
CN102622632A (en) * | 2012-02-28 | 2012-08-01 | 刘杨志 | Quality safety management identification forming method and quality safety management identification forming system based on internet of things |
-
2014
- 2014-06-13 CN CN201410265228.3A patent/CN104023023B/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040015728A1 (en) * | 2002-01-15 | 2004-01-22 | Cole David M. | System and method for network vulnerability detection and reporting |
CN102404324A (en) * | 2011-11-23 | 2012-04-04 | 郭正韦华 | System for sensing safety of node data of Internet of things |
CN102622632A (en) * | 2012-02-28 | 2012-08-01 | 刘杨志 | Quality safety management identification forming method and quality safety management identification forming system based on internet of things |
Non-Patent Citations (2)
Title |
---|
张雁等: ""一种物联网安全威胁危害度计算方法"", 《信息与电脑》 * |
雷璟: ""物联网安全测评和风险评估技术研究"", 《电讯技术》 * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106789946A (en) * | 2016-11-30 | 2017-05-31 | 平顶山学院 | A kind of Internet of Things security evaluation method |
CN108650157A (en) * | 2018-05-18 | 2018-10-12 | 深圳源广安智能科技有限公司 | A kind of intelligent domestic system |
CN108810033A (en) * | 2018-07-25 | 2018-11-13 | 安徽三实信息技术服务有限公司 | A kind of Internet of Things safety control system and control method |
CN117811839A (en) * | 2024-02-29 | 2024-04-02 | 北京双湃智安科技有限公司 | Network security monitoring device and method for monitoring Internet of things equipment |
CN117811839B (en) * | 2024-02-29 | 2024-04-26 | 北京双湃智安科技有限公司 | Network security monitoring device and method for monitoring Internet of things equipment |
Also Published As
Publication number | Publication date |
---|---|
CN104023023B (en) | 2017-02-15 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103581186B (en) | A kind of network security situational awareness method and system | |
CN104767757B (en) | Various dimensions safety monitoring method and system based on WEB service | |
WO2016192495A1 (en) | Account theft risk identification method, identification apparatus, and prevention and control system | |
US11132752B2 (en) | Integrity management system to manage and control data between entities in an oil and gas asset supply chain | |
CN102340485B (en) | Network security situation awareness system and method based on information correlation | |
CN101902366B (en) | Method and system for detecting abnormal service behaviors | |
CN107241352A (en) | A kind of net security accident classificaiton and Forecasting Methodology and system | |
CN105471882A (en) | Behavior characteristics-based network attack detection method and device | |
CN104023023A (en) | IOT security risk distributed evaluation method | |
Singh et al. | An approach to understand the end user behavior through log analysis | |
CN103905440A (en) | Network security situation awareness analysis method based on log and SNMP information fusion | |
CN116861446A (en) | Data security assessment method and system | |
CN118133339B (en) | Compliance intelligent early warning system and early warning method based on data behavior feature analysis | |
Ruan et al. | Deep learning for cybersecurity in smart grids: Review and perspectives | |
CN113704328B (en) | User behavior big data mining method and system based on artificial intelligence | |
CN110460576A (en) | A kind of multifunctional network Security Situation Awareness Systems | |
CN114036059A (en) | Automatic penetration testing system and method for power grid system and computer equipment | |
Soo Lon Wah et al. | Damage detection under temperature conditions using PCA–an application to the Z24 Bridge | |
CN110460575A (en) | One kind can be realized security audit functional network Security Situation Awareness Systems | |
CN117176441A (en) | System and method for detecting security log event of network equipment | |
Flammini et al. | Optimisation of security system design by quantitative risk assessment and genetic algorithms | |
CN112084239A (en) | Signaling network security mining analysis method based on big data characteristic model recognition | |
Shakya et al. | Intrusion detection system using back propagation algorithm and compare its performance with self organizing map | |
Sharma et al. | Temporal and consumer driven cluster analysis for identification of FDI attacks in smart grid | |
CN109951445A (en) | Network security settlement of insurance claim appraisal procedure and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20170215 Termination date: 20200613 |
|
CF01 | Termination of patent right due to non-payment of annual fee |